Skip to content

[12.x] Fix RateLimiter remaining() to handle negative maxAttempts values #58211

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
faisuc wants to merge 1 commit into
base: 12.x
Choose a base branch
from
Open

[12.x] Fix RateLimiter remaining() to handle negative maxAttempts values #58211

faisuc wants to merge 1 commit into from
+15 −1

Conversation

@faisuc
Copy link
Contributor

@faisuc faisuc commented Dec 25, 2025

Fixes #58014.

PR #57851 changed RateLimiter::remaining() to use max(0, $maxAttempts - $attempts) to prevent negative values when attempts exceed the limit. This broke cases where $maxAttempts is negative.
Before PR #57851, remaining('key', -1) returned a negative number, so !remaining('key', -1) was false. After the change, it returned 0, so !remaining('key', -1) became true, which is incorrect.
This fix checks if $maxAttempts >= 0 before applying the max() clamp. For negative values, it returns -1 to indicate unlimited attempts, restoring the previous behavior while keeping the fix for non-negative values.
The change preserves PR #57851's behavior for normal cases and restores the ability to disable rate limiting with negative values.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Changes in RateLimiter::remaining altered behaviour for negative values of $maxAttempts parameter

1 participant

@faisuc